package cms.service.access;

import cms.bean.ErrorView;
import cms.bean.setting.SystemSetting;
import cms.bean.user.AccessUser;
import cms.bean.user.ResourceEnum;
import cms.bean.user.User;
import cms.common.data.ApiResult;
import cms.common.data.ApiResultCode;
import cms.common.exception.ServiceException;
import cms.service.setting.SettingService;
import cms.utils.threadLocal.AccessUserThreadLocal;
import cms.manage.user.UserManage;
import cms.manage.user.UserRoleManage;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import static cms.common.SystemConstant.SiteStatus.READ_ONLY;

/**
 *
 */
@Service
public class SystemActAccessService implements AccessService<Long> {
    @Resource
    SettingService settingService;
    @Resource
    UserManage userManage;
    @Resource
    UserRoleManage userRoleManage;
    @Autowired
    private HttpSession session;

    /**
     * 系统公共限制
     *
     * @param accessUser
     * @param act
     * @param request
     * @param tagId
     * @return
     */
    public ApiResult access(AccessUser accessUser, String act, HttpServletRequest request, Long tagId) {
        SystemSetting systemSetting = settingService.findSystemSettingCache();
        if (systemSetting.getCloseSite().equals(READ_ONLY.getValue())) {
//            error.put("topic", ErrorView._21.name());//只读模式不允许提交数据
            throw new ServiceException(ApiResultCode.NO_PERMISSION.setMessage(ErrorView._21.name()));
        }
        if (StringUtils.equals(act, "topic")) {
            //如果全局不允许提交话题
            if (systemSetting.isAllowTopic() == false) {
//                error.put("topic", ErrorView._110.name());//不允许提交话题
                throw new ServiceException(ApiResultCode.NO_PERMISSION.setMessage(ErrorView._110.name()));
            }
            //如果实名用户才允许提交话题
            if (systemSetting.isRealNameUserAllowTopic() == true) {
                //获取登录用户
                accessUser = AccessUserThreadLocal.get(session);
                if (accessUser != null) {
                    User _user = userManage.queryCacheFindUserByUserName(accessUser.getUserName());
                    if (_user.isRealNameAuthentication() == false) {
//                        error.put("topic", ErrorView._109.name());//实名用户才允许提交话题
                        throw new ServiceException(ApiResultCode.NO_LOGIN_SUCCESS.setMessage(ErrorView._109.name()));
                    }
                } else {
                    throw new ServiceException(ApiResultCode.NO_LOGIN_SUCCESS.setMessage(ErrorView._109.name()));
                }
            }
            if (tagId != null) {//话题ID
                accessUser = ObjectUtils.defaultIfNull(accessUser, AccessUserThreadLocal.get(session));
                //是否有当前功能操作权限
                boolean isPermission = userRoleManage.isPermission(ResourceEnum._1002000, tagId, accessUser);
                if (isPermission == false) {
                    return ApiResult.buildFailure(ApiResultCode.NO_PERMISSION);
                }
            }
        }
        return ApiResult.buildSuccess();
    }
}
